def testSaveToFile(self): settings = Settings(config_file=os.path.join(self.current_dir, 'test_settings.cfg')) self.failUnless(settings.slcs_idp == "TestIDP") self.failUnless(settings.slcs_url == "http://localhost", "instead has value %s" % settings.slcs_url) out = StringIO() settings.save(out) out.seek(0) contents = ''.join(out.readlines()) self.failUnless(contents == self.cfg, "contents has value %s" % repr(contents))
def myproxy_upload(dummy, a1, a2, u, p, my_u, my_p): # SDF - sys.argv must be set up manually when embedding (ie calling from C) # since python doesn't do it - which results in a crash when code # tries to process a non-existent thing # NB : add -k arg if we cant force it to do that auto sys.argv = ["", a1, a2] try: (options, args) = parser.parse_args() if options.version: from slick.common import version print version return if not path.exists(options.store_dir): os.mkdir(options.store_dir) formatter = None log_level = logging.WARNING # default if options.verbose == 1: formatter = "%(message)s" log_level = logging.INFO elif options.verbose >= 2: formatter = DEBUG_FORMAT log_level = logging.DEBUG # Set up basic configuration, out to stderr with a reasonable default format. if formatter: logging.basicConfig(level=log_level, format=formatter) else: logging.basicConfig(level=log_level) settings = Settings(options, args) # CURRENT # settings.myproxy_host = "myproxy.arcs.org.au" # settings.myproxy_port = 7512 # settings.myproxy_user = "******" # check that we can complete all the reqiuested operations with the # supplied information. # if settings.slick_myproxy: # if not (settings.myproxy_host and settings.myproxy_port and settings.myproxy_user): # print "You haven't sepcified enough information to enable myproxy connection." # return # Cert cert using specific IdP idp = Idp(settings.slcs_idp) c = SimpleCredentialManager(str(u), str(p)) cj = MozillaCookieJar() shibopener = Shibboleth(idp, c, cj) slcsresp = shibopener.openurl(settings.slcs_url) # Set the settings class idp to equal the idp handlers idp settings.slcs_idp = idp.idp log.info("Writing to files") cert = slcs(slcsresp) key_path = path.join(options.store_dir, "userkey.pem") if not options.key: def callback(verify=False): from getpass import getpass while 1: p1 = getpass("Enter passphrase(or none for idp password):") if not p1: p1 = c.get_password() return p1 p2 = getpass("Verify passphrase:") if p1 == p2: return p1 print "Password doesn't match" else: def callback(verify=False): return c.get_password() # cert.get_key()._key.save_pem(key_path, callback=callback) cert.get_key()._key.save_pem(key_path, callback=lambda *x: str(p)) os.chmod(key_path, 0600) cert_path = path.join(options.store_dir, "usercert.pem") cert_file = open(path.join(options.store_dir, "usercert.pem"), "w") cert_file.write(repr(cert)) cert_file.close() os.chmod(cert_path, 0644) if options.write: log.info("Writing the config file") settings.save() # print "\nexport X509_USER_CERT=%s\nexport X509_USER_KEY=%s" % \ # (cert_path, key_path) # if settings.slick_proxy: # p = ProxyCertificate(cert) # proxy_path = path.join(tempfile.gettempdir(), 'x509up_u' + str(os.getuid())) # proxy_file = open(proxy_path, 'w') # proxy_file.write(repr(p)) # proxy_file.write(str(p._proxy.get_key())) # proxy_file.write(repr(cert)) # proxy_file.close() # os.chmod(proxy_path, 0600) # myproxy upload # NB: GLOBUS_LOCATION env messes with this, undef it if exists? gl = os.environ.get("GLOBUS_LOCATION") if gl: print "WARNING: remove GLOBUS_LOCATION definition from your environment" # CURRENT - disabled for now as it generates only RFC 3820 proxies (incompat with grisu 0.2.2) # from myproxy import client # # print "uploading proxy for: " + my_u # # c = client.MyProxyClient(hostname='myproxy2.arcs.org.au', # serverDN='/C=AU/O=APACGrid/OU=VPAC/CN=myproxy2.arcs.org.au') # c.put(my_u, my_p, cert, cert.get_key()._key, lambda *x: str(p), retrievers='*') return except KeyboardInterrupt: print "\nCancelled" return if len(sys.argv) == 1: parser.print_help()
def main(*arg): try: (options, args) = parser.parse_args() if options.version: from slick.common import version print version return if not path.exists(options.store_dir): os.mkdir(options.store_dir) formatter = None log_level = logging.WARNING # default if options.verbose == 1: formatter = "%(message)s" log_level = logging.INFO elif options.verbose >= 2: formatter = DEBUG_FORMAT log_level = logging.DEBUG # Set up basic configuration, out to stderr with a reasonable default format. if formatter: logging.basicConfig(level=log_level, format=formatter) else: logging.basicConfig(level=log_level) settings = Settings(options, args) # check that we can complete all the reqiuested operations with the # supplied information. if settings.slick_myproxy: if not (settings.myproxy_host and settings.myproxy_port and settings.myproxy_user): print "You haven't sepcified enough information to enable myproxy connection." return # Cert cert using specific IdP idp = Idp(settings.slcs_idp) c = CredentialManager() cj = MozillaCookieJar() shibopener = Shibboleth(idp, c, cj) slcsresp = shibopener.openurl(settings.slcs_url) # Set the settings class idp to equal the idp handlers idp settings.slcs_idp = idp.idp log.info('Writing to files') cert = slcs(slcsresp) key_path = path.join(options.store_dir, 'userkey.pem') if not options.key: def callback(verify=False): from getpass import getpass while 1: p1 = getpass('Enter passphrase(or none for idp password):') if not p1: p1 = c.get_password() return p1 p2 = getpass('Verify passphrase:') if p1 == p2: return p1 print "Password doesn't match" else: def callback(verify=False): return c.get_password() cert.get_key()._key.save_pem(key_path, callback=callback) os.chmod(key_path, 0600) cert_path = path.join(options.store_dir, 'usercert.pem') cert_file = open(path.join(options.store_dir, 'usercert.pem'), 'w') cert_file.write(repr(cert)) cert_file.close() os.chmod(cert_path, 0644) if options.write: log.info('Writing the config file') settings.save() print "\nexport X509_USER_CERT=%s\nexport X509_USER_KEY=%s" % \ (cert_path, key_path) if settings.slick_proxy: p = ProxyCertificate(cert) proxy_path = path.join(tempfile.gettempdir(), 'x509up_u' + str(os.getuid())) proxy_file = open(proxy_path, 'w') proxy_file.write(repr(p)) proxy_file.write(str(p._proxy.get_key())) proxy_file.write(repr(cert)) proxy_file.close() os.chmod(proxy_path, 0600) if settings.slick_myproxy: if settings.myproxy_host and settings.myproxy_port and settings.myproxy_user: from myproxy import client c = client.MyProxyClient(hostname=settings.myproxy_host, port= settings.myproxy_port, serverDN='') username = settings.myproxy_user def callback(verify=False): from getpass import getpass while 1: p1 = getpass('Enter passphrase:') if not p1: p1 = c.get_password() return p1 p2 = getpass('Verify passphrase:') if p1 == p2: return p1 print "Password doesn't match" passphrase = callback() c.put(username, passphrase, cert, cert.get_key()._key, lambda *a: '', retrievers='*') # c.put(username, passphrase, cert, cert.get_key()._key, lambda *a: '', # ownerCertFile=cert, ownerKeyFile=cert.get_key(), retrievers='*') else: print "Not enough info was passed to connect to a myproxy server" return except KeyboardInterrupt: print "\nCancelled" return if len(sys.argv) == 1: parser.print_help()